Google Cloud mandates multi-factor authentication for all users in 2025
Free Trial

Capacity Media is part of techoraco, techoraco Limited, 4 Bouverie Street, London, EC4Y 8AX, Registered in England & Wales, Company number 15236387.

Copyright © techoraco and its affiliated companies 2024

Accessibility | Terms of Use | Privacy Policy | Modern Slavery Statement

Cookies Settings
News

Google Cloud mandates multi-factor authentication for all users in 2025

Ben Wodecki
November 07, 2024 10:51 AM
Digital render of Google Cloud's logo on a 3D icon against a grey background

Google Cloud announced it will make multi-factor authentication (MFA) mandatory for all users of its cloud services.

The mandatory use of MFA will be introduced for all Google Cloud customers in 2025, describing the introduction as a “critical step” for users to protect their cloud environments from unauthorised access.

Subscribe today for free

The connectivity news and insights that matter - straight to your inbox

“There is broad 2-Step Verification (2SV) adoption by users across all Google services. However, given the sensitive nature of cloud deployments — and with phishing and stolen credentials remaining a top attack vector observed by our Mandiant Threat Intelligence team,” Mayank Upadhyay, VP of engineering and a distinguished engineer at Google Cloud wrote in a blog post. “We believe it’s time to require 2SV for all users of Google Cloud.”

Multi-factor authentication is designed to be a more secure way for users to sign into platforms. Using a multi-step login process, users are required to enter information beyond simply a password.

For example, users might be asked to enter a code sent to their email, an answer to a secret question, or potentially biometric information, like a fingerprint or facial recognition.

Google Cloud is now making MFA mandatory for its millions of users, though the provider wants to introduce the measure in a staggered way to “ensure a smooth transition.”

The switch to MFA will span three stages. The first, starting November 2024 aims to encourage MFA adoption. Then, from “early 2025”, MFA will be required for password logins. By the end of 2025, the third phase, MFA will be extended to all users who federate authentication into Google Cloud.

Graphic showing the three phases of Google Cloud's rollout of mandatory multi-factor authentication or MFA

Enterprise customers and users will receive advance notification of the change ahead of their transition to ensure their switch is seamless.

“At Google, we understand that you need flexibility and control when implementing new security measures,” Upadhyay wrote. “We will be working closely with identity providers to ensure there are standards in place for a smooth hand-off.”

Ed Russell, CISO business manager at Qodea described Google Cloud's move to mandatory MFA as a welcome move.

"Passwords alone no longer provide enough protection for sensitive data, and MFA introduces additional verification steps to guard against cyber breaches," Russell said. "Mandatory MFA will likely follow suit as it directly impacts employees' daily access to platforms and applications.

"Organisations must therefore carefully plan their MFA transition and provide staff with dedicated training to ensure a smooth transition," Russell said. "Now is the time for organisations to get ahead of the upcoming changes and dedicate either internal resources or external partners to achieving total MFA compliance.”

RELATED STORIES

Cloud group defends autonomy after Microsoft claims it's bankrolled by Google

Google Cloud Summit keynote: Security, openness, and AI innovation

Google Cloud partners with Salesforce to launch autonomous AI agents

Topics

NewsFraud and SecurityCyber SecurityCloudCloud
Ben Wodecki
Ben Wodecki
Senior Reporter Capacity Media
Contact
More from across our site
Load More
Gift this article
capacitymedia-logo-white.png

Never miss a story again

Subscribe to Capacity today to receive daily insights into the developments and ideas shaping the global connectivity industry.
Subscribe